“The breach only affected our business systems,” said Larry McQuillan, the organization’s director of public affairs. “By design, student data resides on an external information system independent from the domain that was affected.”

The Washington-based AIR has hundreds of contracts with federal, state, and local agencies, including the United States departments of agriculture, commerce, defense, education, health and human services, and more, according to the group’s website. The organization has been a major provider of both online and pencil-and-paper assessments to districts and states, including Delaware, Minnesota, and Oregon.

AIR also has contracts with the Smarter Balanced Assessment Consortium, one of two major multi-state consortia developing online assessments aligned to the new Common Core State Standards, and the organization provides educational program evaluation and value-added teacher evaluation services to a number of states and districts. It’s worth noting that AIR is currently embroiled in a dispute over a lucrative contract being awarded by the Partnership for Assessment of Readiness for College and Careers. (The executive vice president of AIR, Gina Burkhardt, is also a member of the board of Editorial Projects in Education, the publisher of Education Week.)

Critics of the new standards are worried about what will happen to student data and test results under Common Core. In response, Florida lawmakers approved a bill which bans the collection of student biometric data, such as fingerprints, and religious or political affiliations. The bill also phases out the use of Social Security numbers to identify students.